Qualys Cloud Platform

Qualys the best vulnerability scanner

Opmerkingen: Based on the experience I have with Qualys, it is very impressive to capture the vulnerabilities, this compiles a complete report of the risks that your infrastructure has, in addition the patches have very precise information that allows you to carry out the remediation very effectively. The analyzes are detailed and very complete, it works very well to carry out the compliance stages of PCI, CIS, etc... Providing a great guarantee that periodically your organization has an armored infrastructure.

Pluspunten:

In the firts instance we could see its operation inside a beast and we were amazed, its different configurations to make scans allows to obtain much more complete results than other programs. Qualys as a pentesting tool allows you to analyze those areas of greatest risk within your organization to remedy them. The ability to perform scans for a particular plugin is one of the features that other software should envy to Qualys. Your reports have a very detailed information that allows you to quickly identify vulnerabilities.

Minpunten:

I have no negative comments, it has worked very well in the company and with our allies.

In my oppinion, the best vulnerability management solution in the market

Pluspunten:

From my years of experience with vulnerability management solutions, Qualys is the best one in the market. First, it is really easy to set up, specially the cloud solution. In less than few hours you can start scanning your environment. Second, it's vulnerability database is constantly updated with the latest vulnerabilities. Third, it contains tons of apps that extends its capabilities (e.g. Asset management app, web application scanning, PCI compliance monitoring, etc.) ...

Minpunten:

The price tag is not the cheapest one. Their licensing model is per IP on the scope, not per live IPs. So for example, if you have three /24 networks with one server each, you will be paying to scan 765 IPs (255*3) instead of only 3 IPs.

Best vulnerabilities management tool

Pluspunten:

Qualys is easily the best VM tool available because of many features like easy deployment, good UI, great customer support and outstanding VM features especially scanning, asset management, reporting etc. Container security and policy compliance modules work like a charm.

Minpunten:

There is no offline deployment in qualys, so for air gapped environments Qualys cannot be used.

Qualys VM

Opmerkingen: They need to make the product better .. Focus ion ease of use. Get a focus group going.

Pluspunten:

Agent deployment is simple. The software offers much if configured right. I dislike the add on services model.

Minpunten:

False positives. If a later software update rectifies an older vulnerability then there is no need to show asset is vulnerable. Vuln that shows up in Asset View is different in Vuln View.. Why? Salesperson quit after the sale which sucked. Replacement helped but was not focused on us.

Qualys Cloud Platform - A Complete Solution for all your security needs

Opmerkingen: Qualys helps companies discover, design, diagonoze,defend and monitor their business assets and corresponding threats .

Pluspunten:

The Console . The Qualys console has all the modules like VMDR , PC, SCA, PM , FIM etc. The Same agent can be used to perform all these tasks and scan for vulnerabilities . Its pretty straightforward and easy.

Minpunten:

Reporting format is a bit shaggy if you would ask me ..But having said that , the addition and deletion of controls also has to be more easily doable.